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DETAILED ACTION 

I 

1 . A request for continued examination under 37 CFR 1.114, including the fee set forth 
in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
2/28/07 has been entered. 

2. The text of those sections of Title 35, U.S. Code not included in this action can be 

l 

found in a prior office action. ; 

Response to Amendment 

3. As per claim 1-5, 13, 16-18 and 30, applicant argues that "Laferet a. is silent 
regarding authentication challenges, let alone anticipating authentication challenges 

to resource requests from application ^based on responses generated during 

i 

previous resource requests by applications as in applicant's claimed invention". 

Applicant argument's is found non persuasive. Wu et al.'s invention is directed 

i 

towards determining a user access to' a system utilizing multiple authentication 

services (e.g. Wu et al., Abstract). Wu et al. discloses authentication challenges 

i 

(Wu et al., Fig. 1 , col. 9 lines 47-col. 56) and Lafer et al. discloses the notion of 
caching, wherein responses to resource requests from applications are anticipated 
based upon run-time learning during previous resource requests by applications 
(Lafer et al., col. 3 lines 56-58). The examiner also points out that the concept of 
caching resulting in increased performance and decreased response time to 



I 



Application/Control Number: 09/818,358 Page 3 

Art Unit: 2134 ; 

requests is a well known and applied concept in the art of computing. In addition to 
Lafer et al. reference, the examiner offered Michel and Hamilton teaching to identify 
the fact of implementing caching in the art of computing. 

4. As per claims 6-7, 22-23 and 26, applicant argues that Travis et al. does not teach 
"generating a pre-authentication challenge test message based upon anticipating an 
authentication challenge to a resource request from an application based on 
responses generated during previous resource requests by applications as taught by 
the subject claims". ] 

5. The examiner points out that the claim limitation is treated as a pre-step of a 
previously discussed authentication, such as a test step. Although, Wu et al. do not 

explicitly discuss test procedures, conducting tests prior to implementation of a 

i 

system is old and well-known practice, as shown by Travis et al. (col. 2 lines 20-41) 
giving a benefit of addressing and avoiding potential problems prior to the system's 
live implementation. The examiner considers the test data received by the 
authentication manager triggering "pre-authentication procedures" to be essentially 
the same as the authentication procedures. 

6. Claims 1-20, 22-26 and 30 have been examined. 

Claim Rejections - 35 USC §101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 
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I 

I ■ 

7. Claims 1-15 are rejected under 35 U.S.C. 101 because the computer implemented 
system disclosed in the claim language does not preclude the claimed subject 

matter to be implemented by non-hardware components. In fact, the specification 

i ■ 

discloses the recited elements to be implemented in program/software. As a result, 

1 ■ ■ 

the system is non statutory. 

! ; 
I 

Claim Rejections - 35 USC § 103 

8. Claims 1-5, 13, 16-18 and 30 remain rejected under 35 U.S.C. 103(a) as being 
obvious over Wu et al. (U.S. Patent No. 5774551) in view of Lafer et al. (U.S. Patent 
No. 6192382). \ 

: I 

I - 

As per claims 1,16 and 30 Wu eta'l. teach employing a component implemented on 
a computer readable medium to accept an authentication challenge and passing a 
first data associated with the authentication challenge to an authentication manager 
(Wu et al., Fig. 1, col. 9 lines 47-col. 56). Wu et al. teach that the authentication 

i 

manager processes the first data into second data of a first type appropriate for a 

first authentication module, and that the authentication manager processes the first 

i " 

data into second data of a second type appropriate for a second authentication 

i • . • 

module, the first and second authentication modules having different requirements 

i - 

for the second data and passing at least one of the second data associated with the 
authentication challenge to one or more authentication modules, where the 
authentication modules are registered, with the authentication manager, and where 
the authentication modules are operatively connected to the authentication manager 
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(Wu etal., col. 9 lines 63-67). The authentication modules are registered with the 

i 

authentication manager (Wu et al., col. 9 lines 52-56) and produce one or more 
responses to the authentication challenge (Wu et ai, col. 9 lines 67-col. 10 line 2). 

9. As per claims 13 and 18 Wu et al. teach that the authentication challenge is 
generated by at least one of a Kerberos authentication system, a digest 

i 

authentication system, a Basic authentication system, an NTLM authentication 
system and a certificate based authentication system (Wu etal., col. 2 lines 1-43) 
and it is a multipart authentication challenge (Wu et al., col. 9 lines 65-67). 

10. Wu etal. does not teach determining anticipated responses (authentication 

i 

challenge) to resource requests based upon run-time learning during previous 
resource requests by applications. 

Laferet al. (col. 3 lines 56-58), implements anticipating responses to resource 
requests from applications based upon run-time learning during previous resource 
requests by applications. 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 

invention to incorporate determining anticipated responses to resource requests 

i 

from applications based upon run-time learning during previous resource requests 
by applications as taught by Later et al. given the benefit of increased performance 
and decreased response time to requests. 

1 1 . The examiner points out that teaching of Later et al. is an illustration of an old and 
well-known concept of caching (see previous Office Action for additional examples, 
in particular Michel [24] or Hamilton). 
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12. Claims 6-7, 22-23 and 26 remain rejected under 35 U.S.C. 103(a) as being 
unpatentable over Wu era/. (U.S. Patent No. 5774551) in Laferetal. (U.S. Patent 
No. 6192382) and further in view of Travis et al. (U.S. Patent No. 6269367). 

As per claims 3-5 and 7 and 23 Wu et al. teach multipart authentication generated 

i 

i 

by at least one of a Kerberos authentication system, a digest authentication system, 

a Basic authentication system, an NTLM authentication system and a certificate 

i 

based authentication system and producing a set of third data as discussed above 
and teach that the authentication modules employ one or more services (Wu et al., 
col: 21 lines 10-23). 

13. Furthermore, claims 6, 22 and 26 essentially refer to a pre-step of a previously 
discussed authentication, wherein instead of receiving, processing and responding 
to data associated with the communication challenge there is a test, and wherein 
test data received by the authentication manager triggers "pre-authentication 
procedures" that are essentially the same as the authentication procedures. 
Although, Wu et al. do not explicitly discuss test procedures, conducting tests prior 
to implementation of a system is old and well-known practice as shown by Travis et 
al. (col. 2 lines 20-41) giving a benefits addressing and avoiding potential problems 
prior to the system's live implementation. 

14. Claims 8-12, 14-15, 19-20 and 24-25 remain rejected under 35 U.S.C. 103(a) as 
being unpatentable over Wu et al. (U.S. Patent No. 5774551) in view of Lafer et al. 
(U.S. Patent No. 6192382) and Travis t etal. (U.S. Patent No. 6269367) and further in 
view of Object Oriented Programmingas illustrated by Burroughs et al (U.S. Patent 
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No. 5878411), Kumar era/. (U.S. Patent No. 6343287), Microsoft Press (Microsoft 

I 

Press, "Computer Dictionary, 3 rd edition, ISBN: 157231446X, 1997) and New Rider 

(New Rider, "Windows 98 Professional Reference", 

i 

http://cma.zdnet com/book/win 98prfref/ch 1 5/ch 1 5.htm). 

As per claims 8 and 10-1 1 Wu et al. 's 'invention is object-oriented system that uses a 
class factory (Wu et al., col. 12 lines 4-19, 39-47, col. 13 lines 4-11). However, Wu 
et al. do not explicitly teach instantiating one or more authentication objects based, 
at least in part, on the first data, and authentication objects callable by the 
authentication manager, and a data store that holds information associated with 
selectively instantiating the one or more authentication objects that can be callable 

by the authentication manager. However, these concepts are well known in the art. 

i 

For example, Burroughs et al. disclose fundamentals of Object Oriented 

i 

Programming: i 

"A fundamental concept in OOP is the class. A class is a template or prototype that 
defines a type of object. A programmer may define a class by writing a section of 
code known as a class definition. An object is an instance of a class. An object is 
created or instantiated at run-time, i.e., when the computer executes a statement in 
the program calling for the instantiation of an object of a specified class. An object 
may include attributes or data as well as functions or methods. The class definition 
specifies the attributes and methods. The attributes are represented in an object by 
the values of instance variables" (Burroughs et al., col. 5 lines 15-25). 
15. Another example is provided by Kumar et al. who's invention involves 
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"a mechanism, method, and computer program product for linking a profile service 
instance to a plurality of external data stores. External data store profile that Is 
created in the profile service that names the connector class. An external data store 
reference object is created in the profile service instance that identifies the external 
data store profile and a number of parameters that specify particular data desired 
from the external data store. A profile within the profile service instance includes an 
attribute that names the data store reference object. When the attribute is evaluated, 
the data store reference object is instantiated, optionally using parameters specified 
at runtime, and passed as a parameter to an instance of the data store connector 
class identified by the external data store profile" (Kumar et a/., col 5 lines 10-32). 

In light of the above references it would have been obvious to one of ordinary skill in 

i 

the art at the time of applicant's to register objects with the class factory and with the 
data store instantiating one or more authentication objects based, at least in part, on 
the first data, and authentication objects callable by the authentication manager, and 
a data store that holds information associated with selectively instantiating the one 
or more authentication objects callable by the authentication manager. One of 
ordinary skill in art at the time of applicant's invention would have employed such a 
modification to conform with and take a full advantage of object oriented design, as 
well as to ensure that the objects are known and utilized by the system. 
16. As per claims 12 and 25 Wu et al. do not explicitly teach that the applications do not 
have to be recoded or recompiled in order to employ the newly registered object" is 
acknowledged. 

i 
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However, as illustrated by Microsoft Press (dynamic link library, pg. 166) as well as 
the New Rider's "Windows 98 Professional Reference" reference (New Rider, 
"Understanding HKEY_CLASSES_ROOT" section) disclose application that does 
not have to be recoded or recompiled to employ the registered objects were well 
known in the art and it would have been obvious to one of ordinary skill in the art at 
the time of applicant's invention to incorporate such applications in order to speed up 

i 

the applications' execution. ! 

17. As per claims 19-20 and 24 Wu et al. teach that one or more authentication modules 

are "plugged" into and communicate with "pluggable account management" as 

I 

objects (e.g. passing parameters, Fig! 1 and col. 13 line 53 col. 14 line 35) and it 
would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to keep updating the authentication solution disclosed by Wu et al. by 
extending available modules including additional authentication schemes modules. 
One of ordinary skill in the art would have been motivated to perform such a 
modification in order to accommodate new authentication protocols. 

18. As per claims 14-15 Wu et al. 's distributed authentication includes the computer 
facilitating the authentication, terminal! and remote computers (Wu et al. Fig. 1). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Peter Poltorak whose telephone number is (571) 272- 
3840. The examiner can normally be reached Monday through Thursday from 9:00 
a.m. to 4:00 p.m. and alternate Fridays from 9:00 a.m. to 3:30 p.m. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, KambizZand can be reached on (571) 272-3811. The fax phone number 
for the organization where this application or proceeding is assigned is (571) 273-8300. 



Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). a 




